Posted
by
Soulskill
on Tuesday November 23, 2010 @09:13AM
from the brain-tumor-insurance-not-offered-to-youtube-commenters dept.

storagedude writes "There seems to be no end to the ways your personal data and online behavior can be used against you. According to the Wall Street Journal, insurance companies are considering using online behavioral and social networking data to try to weed out insurance risks. What you read, what you buy, how much TV you watch, your credit, your fan pages... it could all be used to predict your longevity and insurance risk. The practice, which appears to be in the early stages, could raise concerns with the FTC and insurance regulators, but insurance and data mining companies say they just plan to use it to speed up the applications of people who appear to be good risks; others would have to go through more rigorous traditional screening."

They have an increased risk that you might potentially be a person who has, or has family who have, a given condition. Therefore you should pay more for insurance, because you (or someone who could be mistaken for you) presented some interest in Percutaneous Transhepatic Cholangiography, for example.

"You can't be turned down" is irrelevant because they can charge you whatever they want.
And even better, you can't turn them down, because under Obamacare, you have to have insurance even if they set the premium so high that you can't afford it.
This will be the best thing to happen to the insurance companies since, well, everything else that has happened to the insurance companies. Thank you Obama, for bailing out the already rich insurance companies.

Are you claiming that Google is selling browser history data to the health care industry?

How much is being paid?

Exactly who is buying.

I suspect that this is not the case since this would fundamentally destroy their business and they are or at least should be sensible enough to recognize this.

Rather, I suspect, but can not as yet prove, that it is the health care industry mining data from social networking sites and on-line marketers that are the primary culprits in this. Exactly, how much is being paid to

All the insurance companies have to do is pay for ads to be displayed for target conditions. If searches for "diabetes" show ads that people click, then the insurance companies have IP addresses. If the users don't click, the insurance companies still have a number totaling how many times their ad was displayed, and in what general populations.

Health insurance companies often send private investigators after people who they think might be feigning injury. I've heard of this happening about a decade ago.

Car insurance companies send lookouts to street racer hangouts and sometimes even 100% legal track meets to look for customers to cut off (almost all insurance contracts say that participating in a timed run or contest of speed is not covered. It's standard procedure for us low-budget racers to get a barebones insurance package for our streetable track rats and just not tell the insurance companies shit...we fix our own vehicles of course and pay for separate event insurance, so the insurance company basically gets free money for giving us a piece of paper we need in case we get pulled over, but they aren't happy with this for some reason.)

This isn't even the first instance of insurance company spying ON THE INTERNET - a couple of years ago there was a story of a depressed woman cut off from her health care insurance because she posted a happy status update and a pic of her smiling to her Facebook page.

1) The War in Afghanistan and against "terror" is being lost and there really are more "imminent threats" out there. Al Qieda is now publishing a magazine that attempts to target third parties to join in on ways to destroy our economy. One article instructs folks how to make bobby trapped parcels and suicide bombs for travelers.

2) For those corporations and their owners who make huge money off security, defense contracting, militarism, and the overall trappi

You may laugh, but I remember driving into Dallas a decade ago and seeing a billboard for an I-have-herpes dating service. That would be a really... interesting client list.

Something like between 1 in 5 to 1 in 8 adults have genital herpes. So it is likely that someone you know has it. Although there are also stats that say only 1 in 5 who have it actually know they have it as it is hard to correctly diagnose.

I'm posting anon (let me just check that again!) because I do have HSVII and belonging to a social group where everyone has the same socially (yet in our opinion unfairly) stigmatized disease is a emotional relief.

Actually you are correct.
For true life insurance(say 100k USD+, but generally 250k is the bar) you have to prove that there is an insurable interest. Kids, wife, someone who is going to miss that income. Someone that depends on you. And it is based on income being currently earned. Disability income does not count.

Here's a little something while we're on the subject of Mom's basement. Women live longer than men. While studying why that is, scientists have learned that there is a way to bring men's longevity up to women's:

Here is what will happen:
1) People will "game" the system to get cheaper quotes (e.g. fake browser history, fake cookies, etc).
2) Some insurance company which doesn't really understand technology will either sue a client, or try and withhold a payout
3) A 70 year old judge will agree that fake browser history (or "privacy" as I like to call it) is fraud
4) A law will be passed making it illegal to tamper with or destroy your browsing history, or to attempt to avoid tracking while online

5) Some idiotic politician will make this a platform; while making no real binding committment to deal with it
6) The insurance company will continue post positive growth, based on profiling
And so the wheel turns......

I can also see an alternative #3: Attempting to remove browser history or identifying cookies is considered bypassing DRM under DMCA/ACTA/whatever future laws get made.

What I'd like to see is research on pseudo-anonymity. The ability to have an identity remain anonymous, but people are able to correlate posts/ideas. This way, someone anonymous ID (like the person posting under the nym Black Unicorn back in the Cypherpunk days) can start to have a reputation and some way of knowing posts were his/hers, bu

We already have that. It's called Pen-Name/Psuedonym and is how I exist online. Yes you can google search on my handle and find lots of what I've posted as Fast Turtle but you wont confuse that with my other psuedonyms because I have never linked them.

You say you have never linked them, but I think that linking those IDs is a current thing corporations and the spooks are doing, or will be a future Next Big Thing.

If a user signs up to many forums, or sites with comment systems, with different usernames, if they ever use the same email address then the users can be cross referenced (trivially, if the site publicly publishes those addresses). If the user adds IM details to a profile, they can be cross referenced (ever tried Googling an ICQ number? It can be

PKIs are nice, but it is better to trust multiple people as trusted introducers than just one CA. This way, if a person decides to introduce Charlie as Bob, Alice will know because Mallory and Dave will show Bob's public key as different than what was stated, and the person who lied about the introduction can be marked as untrusted [1], and that info about the person being not trustworthy being propagated along the WoT chain.

This has nothing to do with your cookies, browsing history, etc. It will be an accumulation of your searches, shopping habits, media habits, social networks, etc. Your online behaviour as seen by third parties. They will scrape what they can and buy the rest. They are basically profiling people looking for correlations with their insurance risks. This is nothing new, it is what they have been doing for years. They are just looking at adding new data points that are cheaper and readily available.

That should make me one of the safest customers.Right?They certainly don't need to worry about me wrecking since I'm not driving, or chopping my finger off with a saw since I'm not working. I just sit and avoid risk.

Deloitte and the life insurers stress the databases wouldn't be used to make final decisions about applicants.

Bullshit.

She also says that, while Acxiom does store personally identifiable information, it doesn't store or merge anonymous online-tracking data, such as Web-browsing records.

Bullshit.

Units of News Corp., including The Wall Street Journal, supply information to marketing-database firms and buy information from them. "We have strict precautions around confidentiality," a spokeswoman said.

Bullshit.

The insurer says pilot projects with marketing data are continuing in its effort to improve clients' buying experience.

Bullshit.

All these quotes were made by PR and corporate stooges. Does anyone honestly think they would tell the real story?

I used to work for Acxiom a long time back....and it was scary THEN what information they have on people. Back then, we were looking to expand into Europe, etc for information gathering.

They did all kinds of neat things....you fill out a change of address for the post office? Yep, they buy and use those to clean their databases on you. Many states sold and still sell drivers license info, they use that. Do you ever fill out warranty cards for products you buy? Fill in the surveys anywhere? Yep, they know who you are. They can pull up pretty accurate info for likely 95% or so of the people in the US, who knows about foreign countries by now. They can tell how much you make, if you wear glasses.....any number of personal or financial traits you might have.

They are VERY good at it. Heck, after 9/11...the Feds used Acxiom to start data mining for terrorists.

I know they have info on me, but I try not to make it easy. At the one grocery store I shop at that still uses customer cards...I am registered at a 98 yr old hispanic lady named Goldenberg...and a native of Sweden. I just make sure and only pay cash at that store. I fill out every possible survey and form out incorrectly trying to skew their data profile on me. Post Katrina, as I moved around...they lost me for a bit. But I think they have me decently again, due to magazine publications I like to read.

Oh well...hard to stay invisible these days...but you don't have to try to actively try to help them. That facebook thing looks like it could be fun, but man, I just cannot bear to let even more info out about me voluntarily.

Well. Perhaps the next Timothy McVeigh will set his sites on Acxiom instead of the government and attack the problem at its source.

The government has rules and restrictions about the data it is allowed to collect and connect. The reasons for these rules and restrictions is to prevent precisely what is happening now. So what does the government do? Change the rules? No. They just step around them by using the information collected by others.

"The government has rules and restrictions about the data it is allowed to collect and connect. "

Are you kidding?

In the US, there are VERY few laws about personal data collection and distribution. If you read the article, it says Acxiom and these other companies are very wary about selling this information to the insurance companies for this usage, in fear that it might trip up some regulations that do exist (with the FTC I think?).

But really, with the exception for HIPAA type information, in the USA, it is pretty much the wild west out there...anyone can gather what information they want on you, and use it in almost any fashion without any repercussions from the very few laws that do exist out there concerning this.

And these companies don't want this kind of attention, nor this kind of regulation in the future. They make a LOT of money with this stuff.

One interesting project Acxiom had going on back in the day, was to come up with the perfect personal identifier, so as to make it easier to identify you as you moved, married, changed names, changed SSN, etc. They want to track you from birth to death, and by now, I'm sure they do a pretty darned good job of it.

I do not condone violence like you alluded to...there are innocent people there working that are just trying to earn a living. And it is a free country, and this is perfectly legal what they do. If you don't like it..legal action is the path to take.

The rules and restrictions I speak of are only applicable to GOVERNMENT. For example, there are ample laws in place to prevent the use of social security numbers for purposes other than social security account management. But there are not laws that say entities other than government can't use that number and so they do. In fact, there's no law that says state and local government can't -- the law only applies to federal government. But there are also laws preventing the sharing of collected law enforce

The Federal Reserve Bank is part of the government. It was created by an act of Congress and its Board of Governors is appointed by the President (and confirmed by the Senate). However, each member of the Board of Governors serves for a 14 year term. Additionally, the President selects a member of the Board of Governors to appoint for a 4 year term as Chairman and a second member to serve a 4 year term as Vice Chairman.
So to repeat, the Federal Reserve is a government body. Its governing Board is appointed

Using front companies that present themselves as marketing or advertising agencies, Choicepoint (since purchased by LexisNexis) buys data from pizza delivery places. Apparently it's a great way to be able to correlate unpublished or cellular phone numbers to a particular address.

Oh, I'm sure they were telling the truth and they already have a set of well-engineered processes that will comply with those statements to the letter and still result in exactly the situation nobody wants to see.

It is really easy to do:

1. Everybody goes through a highly-intrusive pre-screening process. This doesn't result in any denials or bad rates, this just gives low-risk customers the ability to get through the process more quickly and end up with a low rate.

Because of the volumes of insurance contracts processed by small companies (foreclosure situations case in point), anyone who does not 'fit the mold' of the initial screen will probably be rejected.

I myself needed to take up a loan once here in the UK because I had after a year-long degree managed to secure a high paying job, but needed to secure the last rent payment. If my bank had shut down my account it would have been a terrible blow to my reputation at the new firm. Unfortunately all loan applications

The First Amendment becomes meaningless as limits to speech come more and more from the corporate sector. In a world where everything you do and say is recorded and databased, and where industries (like insurance) are increasingly dominated by just a few players, stepping out of line even once can have dire consequences. The blacklist is back.

Yeah, it's totally outrageous that an insurance company would want to accurately characterize the risk associated with each potential customer, I mean, that would let them do things like operate their business efficiently, or offer less risky customers lower rates (this is just the other way of saying that they will use the information to charge risky customers extra...).

This will be used to gouge customers arbitrarily, like any and other possible excuse has been used.

My g/f moved in with me recently. The house we live in is 600 yards from her parents house, and on the same estate. They are connected by the same road running through the estate. Turn right for the road to her mom's house, left for ours.

Her insurance premium went up by over £300 (an increase of approx 80%). The reason was that the post code was more at risk. A po

It seems a lot more likely to me that they'll use the information retroactively, to deny valid claims. Get in a late night car accident and you may be on the hook for all the liability that they originally told you would be covered because someone with the handle Maxume posted on Car And Driver's reader forum about participating in illegal street racing.

But there isn't true competition. Most insurance companies are public corporations, and so shareholders in different companies will overlap. And most of the shareholders will be investment banks and the like (not middle-class share dabblers), and they will want to see maximum returns as soon as possible, and they don't care how it happens. Suddenly very similar pressures are on different companies, so the odds of the different companies making the same decisions shoot up.

If you think that a "fat slob" paying more for his insurance means that you'll pay less, you have a very naive view of insurance companies. Or companies in general. Also, how diligent do you think they'll be to check that you're not a fat slob? Remember that banks have been foreclosing on houses that weren't even in default!

Insurance companies will use whatever information they can get their hands on to try and make sure that what they get paid for providing insurance is appropriate for the risk profile of who/what they are insuring.

It is a core part of their business model to correctly determine the risk profiles of the individual/situation for which they are providing insurance so that they charge the right premium and in aggregate make a profit.

Many of us want to make sure that our genetic information doesn't get collected at thrown into a public database because it would sooner or later end up in the hands of insurance companies and affect our personal premiums for everything from medical insurance to car insurance.

I see this as a fantastic opportunity to have insurance companies' actuaries work for me for free. Now I know that if I apply for insurance and get immediately accepted, then I shouldn't buy it, as the company has determined (probably correctly) that I don't need it. If they really put me through the ringer, that means they're not sure they can make a profit on me, so there's at least some chance I'm not just throwing my money out the window at them.

Yup, the better science gets, the less insurance works, and the more you just need socialism (or not - depending on your views).

The whole concept of something like health insurance is that you don't know if you're going to need it, and so you buy it just in case. If you know if you're going to need it, then it loses its purpose. Either companies also know and you can't afford it, or companies aren't allowed to know and all go out of business since healthy people won't buy it.

If the goal is socialism we can just cut out the middleman and treat it like any other social program. If the goal is actually insurance then eventually we'll hit a point where we can't accomplish that goal.

If they were making that much money, why not invest in them? Most are public companies, after all.

The truth of the matter is that the average insurance company (not talking medical here, just "normal" insurance) sucks a bunch of money out of the system in terms of salaries, etc, but typically pays out as much or more money in claims as they take in in premiums. They make their profit and pay their expenses by holding "float", investing the premium money until they need to pay it back out.

They make their profit and pay their expenses by holding "float", investing the premium money until they need to pay it back out.

Which is why there's a strong incentive for insurance companies to push for bigger payouts: the bigger the payout, the higher the premiums, the more profit from investing that money short-term. That's particularly true in parts of the world where the government restricts their profits to a percentage of their payouts, in order to 'prevent profiteering' and 'help the consumer'.

The whole concept of insurance is broken when there are strong incentives for insurance companies to increase your costs over time to

I would welcome that. Once the premiums are balanced with the cost of the risk (plus profit) the product becomes more reasonable IMO. At that point the customer has the real option of either not taking insurance and managing risk themselves, or taking insurance and not having to worry about saving to manage risk. The cost of that risk management service is the profit taken by the insurer. If that profit margin is too high, customers will leave and manage their own risk. It's balancing.

We see this reality at play everywhere from religion to medicine to the stock market. Anti-gun people even today have conveniently ignored the positive effects of concealed handgun licenses across the US and continue to cry "blood in the streets."

And of course insurance companies are looking for new excuses to raise rates. (How often do you see rates decline? Not often... I have USAA insurance, but they seem the be the only exception... my rates went down again with my most recent renewal.) Greed knows no limits. It's the justification and reasonableness that are growing more and more scarce.

I would say that this is "old news" or not news at all if it weren't for the fact that people simply need to learn to accept and embrace certain aspects of the reality of human nature that are continually used against us all. We don't use facts when fear is so much more effective at getting the immediate results desired.

I was lucky enough to think of using a pseudonym the first time I got online through a 2400 bps modem and I have kept that since then. It was really useful when I got hired as programmer for a defense contractor, I caught my manager goggling me and of course he found nothing. I use fake names in social networks... my friends know who really I am.

Only websites where I use my real identity are the ones who already got my personal info through other means (banks, credit cards, insurance, etc).

I've been using a pseudonym for a long long time...but that includes creating accounts for WoW or whatever other services, and I've given them enough billing information for someone to link my pseudonym and my real name.

So Mr spectro, you've really used a pseudonym and kept that pseudonym separate from anything that could be traced to you? Because otherwise you're just one data breech away from the link.

Have you been using the same pseudonym since you first went online? If it's reasonably unique it only takes one slipup or one leak and it can be tied to your name. Bam they know all about your leet haxor skills with nothing you can really do. Personally, I use a different alias for every new website. Track that!

I was lucky enough to think of using a pseudonym the first time I got online through a 2400 bps modem and I have kept that since then. It was really useful when I got hired as programmer for a defense contractor, I caught my manager goggling me and of course he found nothing. I use fake names in social networks... my friends know who really I am.

do you really think that makes you hard to find? first of all, are you 100% sure you never used your real name and pseudonym in the same place, or in places that are associated in some way?
second: social networks. i just need to know 1 of your friends who happens to use his real name on facebook, and I will be able to find you. did you know that facebook considers certain information public,regardless of your privacy settings, and that this information includes your list of friends?

The real trick is to build some tools that will cause an online persona with your name to do all the right things. Join exercise and health discussion groups. Avoid any being associated with people who smoke or drink. Maybe there is a market in bots that will make you look good to insurance companies, law enforcement, etc.

I see no issue at all in insurance companies and others being allowed to study our personal data.All we are talking about is limiting the ability of people to commit fraud. For example a person might consider themselves as living a healthy lifestyle whereas the objective data might reveal a lot of very risky behavior. As we now make a transition from private health care to public health care there are less and less reasons to hide the truth. For example if our cars could communicate with our insura

There are other things we could do to save lives. Such as lock everyone in their homes 24/7. Hell, we could sterilize the population so that no children are born who could potentially die somehow. Think of the lives we'll save.

At some point someone needs to tell the insurance companies that they are in business to provide INSURANCE against risk. If the consumer has no risk to insure against, their services are kind of pointless.